Method and apparatus for secure data transmission

ABSTRACT

A method for secure transmission of data having a destination address and a source address on a shared communication network comprising the steps of transmitting a multiplicity of data frames, each containing at least an encrypted data sequence employing the destination address as at least part of a decryption key therefor, receiving the multiplicity of data frames at a receiver on the shared communication network and attempting to decrypt the encrypted data sequence by employing the local address of the receiver as at least part of a decryption key.

FIELD OF THE INVENTION

The present invention relates to data transmission apparatus and methods generally and more particularly to methods and apparatus for secure data transmission.

BACKGROUND OF THE INVENTION

Various apparatus and techniques are known for secure transmission of data. A news release dated Mar. 10, 1992 of SynOptics Communications, Inc. describes a technology which provides data privacy and control for Ethernet local area networks. The technology, as described in the news release, does not provide encryption/decryption but rather only provides access control which may complement existing encryption and other security techniques. By using the technology proposed by SynOptics, only the intended destination receives a packet of data. Unauthorized stations attempting to access this data will see only meaningless data.

There are described in the Mar. 27, 1992 issue of Network Week, various patents of Synoptics and 3Com relating to security on Ethernet networks.

SUMMARY OF THE INVENTION

The present invention seeks to provide a method and apparatus for secure transmission of data which overcomes many of the limitations of the prior art.

There is thus provided in accordance with a preferred embodiment of the present invention, a method for secure transmission of data having a destination address and a source address on a shared communication network including the steps of transmitting a multiplicity of data frames, each containing at least an encrypted data sequence employing the destination address as at least part of a decryption key therefor, receiving the multiplicity of data frames at a receiver on the shared communication network, and attempting to decrypt the encrypted data sequence by employing the local address of the receiver as at least part of a decryption key.

In accordance with a preferred embodiment of the invention, the multiplicity of data frames each also contains an address check sequence, and including the further step of employing, prior to the step of attempting to decrypt, the address check sequence and the source address to verify that the local address of the receiver is identical to the destination address.

In a preferred embodiment of the present invention, the method for secure transmission further includes the step of preventing the receiver from receiving the transmission upon failure to verify that the local address of the receiver is identical to the destination address.

In a preferred embodiment of the invention, the multiplicity of data frames each also contains an encrypted source address sequence employing the destination address as at least part of a decryption key, and wherein the method also includes the step of employing the local address of the receiver to attempt to decrypt the encrypted source address sequence.

In accordance with a preferred embodiment of the invention, the method for secure transmission also includes the step of employing the decrypted source address as part of a decryption key to decrypt the data sequence.

There is further provided, in accordance with a preferred embodiment of the invention, a method for secure transmission of data on a shared communication network including the steps of transmitting a multiplicity of data frames, each containing at least an encrypted data sequence, receiving the multiplicity of data frames at a receiving location on the shared communication network, and attempting to decrypt the data sequence.

Preferably, the shared communication network includes an Ethernet type network.

There is further provided, in accordance with a preferred embodiment of the invention, apparatus for secure transmission of data having a destination address and a source address on a shared communication network, the apparatus including a transmitter, operative for transmitting a multiplicity of data frames, each containing at least an encrypted data sequence employing the destination address as at least part of a decryption key therefor, a decrypter, operative for attempting to decrypt the encrypted data sequence by employing the local address of the receiver as at least part of a decryption key, and a receiver, which receives the multiplicity of data frames on the shared communication network after decryption thereof.

In a preferred embodiment of the invention, the multiplicity of data frames each also contains an address check sequence, and the decrypter includes apparatus for employing the address check sequence and the source address to verify that the local address of the receiver is identical to the destination address prior to attempting to decrypt.

Preferably, the decrypter is operative, upon failure to verify that the local address of the receiver is identical to the destination address, to prevent the receiver from receiving the transmission.

In a preferred embodiment of the invention, the multiplicity of data frames each also contains an encrypted source address sequence employing the destination address as at least part of a decryption key, and the decrypter also contains means for employing the local address of the receiver to attempt to decrypt the encrypted source address sequence.

Preferably, the apparatus further includes means for employing the decrypted source address as part of a decryption key to decrypt the data sequence.

There is further provided, in accordance with a preferred embodiment of the invention, apparatus for secure transmission of data on a shared communication network including apparatus for transmitting a multiplicity of data frames, each containing at least an encrypted data sequence, apparatus for receiving the multiplicity of data frames at a receiving location on the shared communication network, and apparatus for attempting to decrypt the data sequence.

Preferably, the shared communication network is an Ethernet-type network.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention will be understood and appreciated more fully from the following detailed description, taken together with the drawings in which:

FIG. 1 is a simplified illustration of a shared broadcast type communication network constructed and operative in accordance with a preferred embodiment of the invention;

FIGS. 2A and 2B are illustrations of respective unencrypted and encrypted data sequences in accordance with a preferred embodiment of the present invention;

FIG. 3 is a flow chart illustration of an encryption algorithm constructed and operative in accordance with a preferred embodiment of the present invention; and

FIG. 4 is a flow chart illustration of a decryption algorithm constructed and operative in accordance with a preferred embodiment of the present invention.

DETAILED DESCRIPTION OF A PREFERRED EMBODIMENT

Reference is now made to FIG. 1, which illustrates a network security system constructed and operative in accordance with a preferred embodiment of the present invention. The system includes a shared, broadcast type, communication network 10, such as Ethernet wherein each transmitting station broadcasts to all other stations in the network.

In accordance with a preferred embodiment of the present invention, the shared, broadcast type, communication network 10 is operative to "broadcast" signals which are encrypted by an encryptor/decrypter 12 associated with a transmitting remote terminal 14 and which can only be decrypted by the intended recipient thereof, i.e. encryptor/decrypter 12 associated with a predetermined one or more of remote terminals 14, and having physically secure communication therewith.

It is to be appreciated that the shared broadcast type communication network 10 may be of any suitable configuration including a star configuration having a single hub or multiple hubs which are interconnected by secure or non-secure communications links. The communication network may be an Ethernet-type network. The encryptor/decrypter may be located physically inside a hub or a remote terminal or may be physically remote therefrom and connected thereto by a secure communication link or within a secure environment.

Reference is now made to FIG. 2A which illustrates a typical data frame prior to encryption in accordance with a preferred embodiment of the invention. Such a data frame includes, inter alia, a destination address 20, a source address 22 and data 24. In accordance with a preferred embodiment of the present invention, this data frame is encrypted to include, inter alia, an address check sequence 26, an encrypted source address sequence 28 and an encrypted data sequence 30.

An encryption algorithm useful in accordance with a preferred embodiment of the invention is summarized in FIG. 3. As seen in FIG. 3, the algorithm encrypts the source address 22 using the destination address 20 and then employs both the destination address and the encrypted source address 28 to create check code "CHC" sequence 26. The destination address is then removed from the frame prior to transmission and the CHC sequence is added thereto. The data 24 is encrypted using one or both of the destination address and the source address as encryption keys.

A decryption algorithm which is useful in accordance with a preferred embodiment of the invention is summarized in FIG. 4. The destination address of the local terminal to which the decrypter is connected is used, in order to decrypt the encrypted source address.

The source address and the destination address are used to calculate the CHC check code. If the calculated CHC code matches the received CHC, the data sequence is decoded using the source address and the destination address and forwarded to the receiving terminal associated with the decrypter.

If the calculated CHC does not match the received CHC, the terminal is prevented from receiving the transmission. In one embodiment of the invention the transmission is replaced by meaningless data.

In accordance with an alternative embodiment of the present invention, the CHC may be eliminated from the encryption and decryption algorithms.

In accordance with an embodiment of the invention, the source address need not be involved in encryption and decryption and only the local address of the receiver is employed as part of a decryption key used in decrypting the data sequence.
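
The FIG. 3 and FIG. 4 steps described above, for the embodiment that keeps the CHC, as an added Python sketch that is not part of the patent. The text names no cipher or check function, so the SHA-256 counter keystream, the truncated HMAC used as the CHC, the 4-byte CHC width, the frame layout and all function names are assumptions; the check is computed over the destination address and the encrypted source address, as in the FIG. 3 description.

```python
import hashlib
import hmac
import os

ADDR_LEN = 6  # Ethernet-style 48-bit station address
CHC_LEN = 4   # assumed check-code width; the text specifies none


def _xor_stream(key: bytes, label: bytes, data: bytes) -> bytes:
    """XOR data with a SHA-256 counter keystream (assumed stand-in cipher)."""
    stream = bytearray()
    for block in range((len(data) + 31) // 32):
        stream += hashlib.sha256(key + label + block.to_bytes(4, "big")).digest()
    return bytes(d ^ s for d, s in zip(data, stream))


def _chc(dest: bytes, enc_src: bytes) -> bytes:
    """Check code over the destination address and encrypted source address."""
    return hmac.new(dest, enc_src, hashlib.sha256).digest()[:CHC_LEN]


def encrypt_frame(dest: bytes, src: bytes, data: bytes) -> bytes:
    """FIG. 3 order: encrypt source, derive CHC, drop destination, encrypt data."""
    enc_src = _xor_stream(dest, b"src", src)
    chc = _chc(dest, enc_src)
    enc_data = _xor_stream(dest + src, b"data", data)
    return chc + enc_src + enc_data  # the destination address is not transmitted


def decrypt_frame(local_addr: bytes, frame: bytes):
    """FIG. 4 order: returns (source, data), or (None, filler) on CHC mismatch."""
    if len(frame) < CHC_LEN + ADDR_LEN:
        return None, b""
    chc = frame[:CHC_LEN]
    enc_src = frame[CHC_LEN:CHC_LEN + ADDR_LEN]
    enc_data = frame[CHC_LEN + ADDR_LEN:]
    src = _xor_stream(local_addr, b"src", enc_src)
    if not hmac.compare_digest(_chc(local_addr, enc_src), chc):
        # Not the addressed station: hand over meaningless data instead.
        return None, os.urandom(len(enc_data))
    return src, _xor_stream(local_addr + src, b"data", enc_data)


# Constructed sample addresses (locally administered) and payload.
DEST = bytes.fromhex("02005e000001")
SRC = bytes.fromhex("02005e000002")
OTHER = bytes.fromhex("02005e000003")
PAYLOAD = b"constructed sample payload"

if __name__ == "__main__":
    frame = encrypt_frame(DEST, SRC, PAYLOAD)
    print("addressed station:", decrypt_frame(DEST, frame))
    print("other station:    ", decrypt_frame(OTHER, frame))
```

The only keying input is the address pair, so what separates stations is which local address each decrypter is given; the description accordingly places each encryptor/decrypter on a physically secure link to its terminal.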

It will be appreciated by persons skilled in the art that the present invention is not limited by what has been particularly shown and described hereinabove. Rather the scope of the present invention is defined only by the claims which follow:

I claim:
 1. A method for secure transmission of data having a destination address and a source address on a shared communication network comprising the steps of: transmitting a multiplicity of data frames, each containing at least an encrypted data sequence, said multiplicity of data frames also containing an address check sequence; receiving the multiplicity of data frames at a receiver on the shared communication network; employing the address check sequence and the source address to verify that the local address of the receiver is identical to the destination address; and performing a decryption operation on the encrypted data sequence of verified data frames.
 2. A method according to claim 1 and including the step of preventing the receiver from receiving the transmission upon failure to verify that the local address of the receiver is identical to the destination address.
 3. A method according to claim 2 wherein said encrypted data sequence also employs the destination address as at least part of the key therefor and wherein the step of performing a decryption operation utilizes the local address of the receiver as at least part of a decryption key for decryption purposes.
 4. A method according to claim 2 wherein said multiplicity of data frames each also contains an encrypted source address sequence employing the destination address as at least part of a decryption key, and wherein the step of performing a decryption operation also comprises the step of: employing the local address of the receiver as part of a decryption key to decrypt the encrypted source address sequence.
 5. A method according to claims 4 and wherein the step of performing a decryption operation also comprising the step of: employing the decrypted source address as part of a decryption key to decrypt the data sequence.
 6. A method according to claim 5 wherein said encrypted data sequence also employs the destination address as at least part of the key therefor and wherein the step of performing a decryption operation utilizes the local address of the receiver as at least part of a decryption key for decryption purposes.
 7. A method according to claim 4 wherein said encrypted data sequence also employs the destination address as at least part of the key therefor and wherein the step of performing a decryption operation utilizes the local address of the receiver as at least part of a decryption key for decryption purposes.
 8. A method according to claim 1 wherein said multiplicity of data frames each also contains an encrypted source address sequence employing the destination address as at least part of a decryption key, and wherein the step of performing a decryption operation also comprises the step of: employing the local address of the receiver as part of a decryption key to decrypt the encrypted source address sequence.
 9. A method according to claim 8 and wherein the step of performing a decryption operation also comprising the step of: employing the decrypted source address as part of a decryption key to decrypt the data sequence.
 10. A method according to claim 9 wherein said encrypted data sequence also employs the destination address as at least part of the key therefor and wherein the step of performing a decryption operation utilizes the local address of the receiver as at least part of a decryption key for decryption purposes.
 11. A method according to claim 8 wherein said encrypted data sequence also employs the destination address as at least part of the key therefor and wherein the step of performing a decryption operation utilizes the local address of the receiver as at least part of a decryption key for decryption purposes.
 12. A method according to claim 1 wherein said encrypted data sequence also employs the destination address as at least part of the key therefor and wherein the step of performing a decryption operation utilizes the local address of the receiver as at least part of a decryption key for decryption purposes.
 13. Apparatus for secure transmission of data having a destination address and a source address on a shared communication network comprising: a transmitter which transmits a multiplicity of data frames, each containing at least an encrypted data sequence, said multiplicity of data frames also containing an address check sequence; a verifier which receives the encrypted data sequence and employs the address check sequence and the source address to verify that the local address of the receiver is identical to the destination address; a decrypter, which receives the verified data frames and performs a decryption operation thereon; and a receiver, which receives said multiplicity of data frames on said shared communication network after decryption thereof.
 14. Apparatus according to claim 13 and wherein said decrypter prevents the receiver from receiving the transmission upon failure to verify that the local address of the receiver is identical to the destination address.
 15. Apparatus according to claim 14 and wherein said multiplicity of data frames each also contains an encrypted source address sequence employing the destination address as at least part of a decryption key, and wherein said decrypter employs the local address of the receiver to decrypt the encrypted source address sequence.
 16. Apparatus according to claim 15 wherein the decrypter also employs the decrypted source address as part of a decryption key to decrypt the data sequence.
 17. Apparatus according to claim 16 wherein said encrypted data sequence also employs the destination address as at least part of the key therefor and wherein the decrypter employs the local address of the receiver as at least part of a decryption key for decryption purposes.
 18. Apparatus, according to claim 15 wherein said encrypted data sequence also employs the destination address as at least part of the key therefor and wherein the decrypter employs the local address of the receiver as at least part of a decryption key for decryption purposes.
 19. Apparatus according to claim 14 wherein said encrypted data sequence also employs the destination address as at least part of the key therefor and wherein the decrypter employs the local address of the receiver as at least part of a decryption key for decryption purposes.
 20. Apparatus according to claim 13 and wherein said multiplicity of data frames each also contains an encrypted source address sequence employing the destination address as at least part of a decryption key, and wherein said decrypter employs the local address of the receiver to decrypt the encrypted source address sequence.
 21. Apparatus according to claim 20 wherein the decrypter also employs the decrypted source address as part of a decryption key to decrypt the data sequence.
 22. Apparatus according to claim 21 wherein said encrypted data sequence also employs the destination address as at least part of the key therefor and wherein the decrypter employs the local address of the receiver as at least part of a decryption key for decryption purposes.
 23. Apparatus according to claim 20 wherein said encrypted data sequence also employs the destination address as at least part of the key therefor and wherein the decrypter employs the local address of the receiver as at least part of a decryption key for decryption purposes.
 24. Apparatus according to claim 13 wherein said encrypted data sequence also employs the destination address as at least part of the key therefor and wherein the decrypter employs the local address of the receiver as at least part of a decryption key for decryption purposes.